Re: user/group for servlet engine

Tue, 8 Jun 1999 11:13:11 -0700 

Milt:

One approach I've tried is to have a seperate application server job
(running with a normal Java runtime) on the server side (on the same machine
or not) and have it logged in as "root" effectively, and it gets to files,
resources, etc. The servlets then all communicate with it (via CORBA or the
like).

Mike Nash
JavaCorporate Ltd: Java Components for the Corporate Intranet
http://www.javacorporate.com


-----Original Message-----
From: Milt Epstein [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 08, 1999 2:01 PM
To: [EMAIL PROTECTED]
Subject: user/group for servlet engine


I was sure this had come up before, but I couldn't find anything about
it on the archives (well, when I could get through to the archives).

Basically, I'm wondering how people are dealing with the situation
where a servlet needs to access some files whose access is
restricted (via file permissions; I guess this is most/only applicable
in a UNIX environment).

The standard thing might be to run the servlet engine as the same
user/group as the web server (e.g. nobody), that user being one with
very limited permissions on the system.  But then the servlets
wouldn't have access to any restricted files.

The other extreme would be to run the servlet engine as root, in which
case the servlets would have access to everything.  But that probably
is not advisable.

Other suggestions?

Thanks.

Milt Epstein
Research Programmer
Software/Systems Development Group
Computing and Communications Services Office (CCSO)
University of Illinois at Urbana-Champaign (UIUC)
[EMAIL PROTECTED]

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

Reply via email to